Fixes for sniffer when using static ECC keys. Adds TLS v1.2 ECC key fallback detection and fixes new ECC RNG requirement for timing resistance.

David Garske
2020-09-24 15:03:26 -07:00
parent 7cfbc598ed
commit bbaf4090b8


@@ -2066,6 +2066,11 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
{ {
word32 idx = 0; word32 idx = 0;
int ret; int ret;
#ifdef HAVE_ECC
int useEccCurveId = ECC_CURVE_DEF;
if (ksInfo && ksInfo->curve_id != 0)
useEccCurveId = ksInfo->curve_id;
#endif
#ifndef NO_RSA #ifndef NO_RSA
/* Static RSA */ /* Static RSA */
@@ -2085,6 +2090,11 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
SetError(RSA_DECODE_STR, error, session, 0); SetError(RSA_DECODE_STR, error, session, 0);
#endif #endif
} }
#ifdef HAVE_ECC
else {
useEccCurveId = -1; /* don't try loading ECC */
}
#endif
} }
if (ret == 0) { if (ret == 0) {
@@ -2135,7 +2145,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
#endif /* !NO_RSA */ #endif /* !NO_RSA */
#if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA) #if !defined(NO_DH) && defined(WOLFSSL_DH_EXTRA)
/* Static Ephemeral DH Key */ /* Static DH Key */
if (ksInfo && ksInfo->dh_key_bits != 0) { if (ksInfo && ksInfo->dh_key_bits != 0) {
DhKey dhKey; DhKey dhKey;
const DhParams* params; const DhParams* params;
@@ -2223,8 +2233,8 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
#endif /* !NO_DH && WOLFSSL_DH_EXTRA */ #endif /* !NO_DH && WOLFSSL_DH_EXTRA */
#ifdef HAVE_ECC #ifdef HAVE_ECC
/* Static Ephemeral ECC Key */ /* Static ECC Key */
if (ksInfo && ksInfo->curve_id != 0) { if (useEccCurveId >= ECC_CURVE_DEF) {
ecc_key key; ecc_key key;
ecc_key pubKey; ecc_key pubKey;
int length, keyInit = 0, pubKeyInit = 0; int length, keyInit = 0, pubKeyInit = 0;
@@ -2235,6 +2245,15 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
keyInit = 1; keyInit = 1;
ret = wc_ecc_init(&pubKey); ret = wc_ecc_init(&pubKey);
} }
#if defined(ECC_TIMING_RESISTANT) && (!defined(HAVE_FIPS) || \
(!defined(HAVE_FIPS_VERSION) || (HAVE_FIPS_VERSION != 2))) && \
!defined(HAVE_SELFTEST)
if (ret == 0) {
ret = wc_ecc_set_rng(&key, session->sslServer->rng);
}
#endif
if (ret == 0) { if (ret == 0) {
pubKeyInit = 1; pubKeyInit = 1;
ret = wc_EccPrivateKeyDecode(keyBuf->buffer, &idx, &key, keyBuf->length); ret = wc_EccPrivateKeyDecode(keyBuf->buffer, &idx, &key, keyBuf->length);
@@ -2258,7 +2277,7 @@ static int SetupKeys(const byte* input, int* sslBytes, SnifferSession* session,
} }
if (ret == 0) { if (ret == 0) {
ret = wc_ecc_import_x963_ex(input, length, &pubKey, ksInfo->curve_id); ret = wc_ecc_import_x963_ex(input, length, &pubKey, useEccCurveId);
if (ret != 0) { if (ret != 0) {
SetError(ECC_PUB_DECODE_STR, error, session, FATAL_ERROR_STATE); SetError(ECC_PUB_DECODE_STR, error, session, FATAL_ERROR_STATE);
} }
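Review bot: In the TLS v1.2 fallback path `useEccCurveId` stays at `ECC_CURVE_DEF`, so the `wc_ecc_import_x963_ex(input, length, &pubKey, useEccCurveId)` call in the last hunk imports the peer point taken from captured traffic without pinning it to the curve of the static private key; with the default id the library presumably selects a curve from the point length alone. Once `wc_EccPrivateKeyDecode` has succeeded the key's own curve is known, so the fallback could set it before the import, e.g. `if (useEccCurveId == ECC_CURVE_DEF && key.dp != NULL) useEccCurveId = key.dp->id;`. Separately, the `-1` sentinel in the second hunk would read more clearly as `ECC_CURVE_INVALID`, and `session->sslServer->rng` is passed to `wc_ecc_set_rng` without a visible NULL check on `sslServer`. SetupKeys starts and continues outside these hunks, so whether a failure from `wc_ecc_set_rng` reaches a `SetError` call cannot be confirmed from here.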